SEO poisoning pushes malware-laced Zoom, TeamViewer, Visual Studio installers

A new SEO poisoning campaign is underway, dropping the Batloader and Atera Agent malware onto the systems of targeted professionals searching for productivity tool downloads, such as Zoom, TeamViewer, and Visual Studio. [...]

https://www.bleepingcomputer.com/news/security/seo-poisoning-pushes-malware-laced-zoom-teamviewer-visual-studio-installers/

Business services provider Morley discloses ransomware incident

Morley Companies Inc. disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files. [...]

https://www.bleepingcomputer.com/news/security/business-services-provider-morley-discloses-ransomware-incident/

Microsoft Sentinel adds threat monitoring for GitHub repos

Microsoft says its cloud-native SIEM (Security Information and Event Management) platform now allows to detect potential ransomware activity using the Fusion machine learning model. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-sentinel-adds-threat-monitoring-for-github-repos/

KP Snacks giant hit by Conti ransomware, deliveries disrupted

KP Snacks, a major producer of popular British snacks has been hit by the Conti ransomware group affecting distribution to leading supermarkets. [...]

https://www.bleepingcomputer.com/news/security/kp-snacks-giant-hit-by-conti-ransomware-deliveries-disrupted/

Intel unveils Circuit Breaker bug bounty expansion for elite hackers

Intel says its engineers are partnering with security researchers to hunt for vulnerabilities in firmware, GPUs, hypervisors, chipsets, and other products in a new expansion to its bug bounty program. [...]

https://www.bleepingcomputer.com/news/security/intel-unveils-circuit-breaker-bug-bounty-expansion-for-elite-hackers/

Windows 10 optional updates fix performance problems introduced last month

Optional updates for Windows 10 and Windows 11 released in January have fixed performance problems when playing games, using the operating system, or even opening folders in File Explorer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-optional-updates-fix-performance-problems-introduced-last-month/

Office 365 boosts email security against MITM, downgrade attacks

Microsoft has added SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online to ensure Office 365 customers' email communication integrity and security. [...]

https://www.bleepingcomputer.com/news/microsoft/office-365-boosts-email-security-against-mitm-downgrade-attacks/

GitHub outage impacts Actions, Codespaces, Issues, Pull Requests

​GitHub is currently down, affected by a worldwide outage preventing access to the website, issuing commits, cloning projects, or performing pull requests. [...]

https://www.bleepingcomputer.com/news/technology/github-outage-impacts-actions-codespaces-issues-pull-requests/

ESET antivirus bug let attackers gain Windows SYSTEM privileges

Slovak internet security firm ESET released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and above. [...]

https://www.bleepingcomputer.com/news/microsoft/eset-antivirus-bug-let-attackers-gain-windows-system-privileges/

Wormhole platform hacked to steal $326 million in crypto

Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to steal $320 million in cryptocurrency. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/wormhole-platform-hacked-to-steal-326-million-in-crypto/

MFA adoption pushes phishing actors to reverse-proxy solutions

The rising adoption of multi-factor authentication (MFA) for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy tools. [...]

https://www.bleepingcomputer.com/news/security/mfa-adoption-pushes-phishing-actors-to-reverse-proxy-solutions/

State hackers' new malware helped them stay undetected for 250 days

A state-backed Chinese APT actor tracked as 'Antlion' has been using a new custom backdoor called 'xPack' against financial organizations and manufacturing companies. [...]

https://www.bleepingcomputer.com/news/security/state-hackers-new-malware-helped-them-stay-undetected-for-250-days/

Microsoft blocked billions of brute-force and phishing attacks last year

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks successfully blocked last year by Microsoft. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-blocked-billions-of-brute-force-and-phishing-attacks-last-year/

Target open sources scanner for digital credit card skimmers

Target, one of the largest American department store chains and e-commerce retailers, has open sourced 'Merry Maker' - its years-old proprietary scanner for payment card skimming. [...]

https://www.bleepingcomputer.com/news/security/target-open-sources-scanner-for-digital-credit-card-skimmers/

Cisco fixes critical bugs in RV routers, exploit code available

Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-bugs-in-rv-routers-exploit-code-available/

Intuit warns of phishing emails threatening to delete accounts

Accounting and tax software provider Intuit has notified customers of an ongoing phishing campaign impersonating the company and trying to lure victims with fake warnings that their accounts have been suspended. [...]

https://www.bleepingcomputer.com/news/security/intuit-warns-of-phishing-emails-threatening-to-delete-accounts/

Windows Terminal now can automatically launch profiles as Administrator

Microsoft released today a new Windows Terminal version that comes with a long-awaited feature making it possible to launch profiles that will automatically run as Administrator. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-terminal-now-can-automatically-launch-profiles-as-administrator/

Zimbra zero-day vulnerability actively exploited to steal emails

A cross-site scripting (XSS) vulnerability in the Zimbra email platform is currently actively exploited in attacks targeting European media and government organizations. [...]

https://www.bleepingcomputer.com/news/security/zimbra-zero-day-vulnerability-actively-exploited-to-steal-emails/

Wormhole restores stolen $326 million after major crypto bailout

Cryptocurrency platform Wormhole has recovered upwards of $326 million stolen in this week's crypto hack, thanks to a major bailout. [...]

https://www.bleepingcomputer.com/news/security/wormhole-restores-stolen-326-million-after-major-crypto-bailout/

News Corp discloses hack from "persistent" nation state cyber attacks

American media and publishing giant News Corp has disclosed today that it was the target of a "persistent" cyberattack. The attack discovered sometime this January, reportedly allowed threat actors to access emails and documents of some News Corp employees, including journalists. [...]

https://www.bleepingcomputer.com/news/security/news-corp-discloses-hack-from-persistent-nation-state-cyber-attacks/

Swissport ransomware attack delays flights, disrupts operations

Aviation services company Swissport International has disclosed a ransomware attack that has impacted its IT infrastructure and services, causing flights to suffer delays. [...]

https://www.bleepingcomputer.com/news/security/swissport-ransomware-attack-delays-flights-disrupts-operations/